Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » APSB15-01

Overview

Id APSB15-01
Name APSB15-01 Adobe Flash Player 13.0.0.260 ESR for Mac OS X (See Notes)
Vendor Name adobe
Product Adobe Flash Player
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 13 Jan 2015 12:00:00

APSB15-01

APSB15-01 Adobe Flash Player 13.0.0.260 ESR for Mac OS X (See Notes)

Vendor Name

adobe

Product

Adobe Flash Player

Released On

13 Jan 2015 12:00:00

Url

http://helpx.adobe.com/security/products/flash-player/apsb15-01.html

Description

Adobe Flash Player Plugin Extended Support Release (ESR) is used to run content created on the Adobe Flash platform within a Netscape-compatible web browser with a more controlled release cycle.

Flash Player 13.0.0.260 addresses the following security issues:

  • CVE-2015-0301: Resolves an improper file validation issue
  • CVE-2015-0302: Resolves an information disclosure vulnerability that could be exploited to capture keystrokes on the affected system
  • CVE-2015-0303, CVE-2015-0306: Resolve memory corruption vulnerabilities that could lead to code execution
  • CVE-2015-0304, CVE-2015-0309: Resolve heap-based buffer overflow vulnerabilities that could lead to code execution
  • CVE-2015-0305: Resolves a type confusion vulnerability that could lead to code execution
  • CVE-2015-0307: Resolves an out-of-bounds read vulnerability that could be exploited to leak memory addresses
  • CVE-2015-0308: Resolves a use-after-free vulnerability that could lead to code execution

  • Notes:
  • This update is applicable to Flash Player 10.x, 11.7.x (extended support versions 11.7.700.232 and higher) and 13.0.x (extended support versions 13.0.0.214 and higher)
  • By default, deployment will automatically update Adobe Flash Player
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"). An administrator may then manually install the update
  • Related Resources

    Related Vulnerabilities

    CVE-2015-0301   CVE-2015-0302   CVE-2015-0303   CVE-2015-0304   CVE-2015-0305   CVE-2015-0306   CVE-2015-0307   CVE-2015-0308   CVE-2015-0309  

    Related Patches

    Superseded Patches


    Last Updated: 27 May 2016 11:20:31